The scheme didn't affect Barnes & Noble's Nook tablets or mobile apps, the chain's member database, or any Barnes & Noble College Bookstores. B&N says it caught the problem in mid-September, and that it's safe now to use credit and debit cards at its stores.
The New York Times reported that the hackers had already made purchases on some customer credit cards. Federal authorities are investigating. Barnes & Noble said it is working with banks and card issuers to identify compromised accounts so that additional fraud-protection measures can be taken.
All keypads at the stories have been removed and shipped to a site where they can be examined. The company has determined that only one keypad in each of the affected stores was hacked, but has not reinstalled the devices.
FBI Director Robert Mueller said earlier this year that while terrorism remains the bureau's top priority, cyberthreats could soon pose the greatest threat to the U.S. "There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again," Mueller said.